The cybersecurity jobs shortage isn't about a shortage of people. Rather, it's a lack of skills among those who consider themselves IT security professionals, says Alan Paller of SANS Institute.
With organizations racing to be the first-to-market with the latest, coolest app, they are forgetting something critically important: applying security principles in the development and deployment.
We are no longer facing a global IT security staffing shortage - it's a full-blown crisis. This is the conclusion of new research conducted by (ISC)². Julie Peeler and Bruce Murphy offer insight.
Bashas' network attack highlights how PCI compliant companies can still be breached. So what steps should merchants take to ensure better security, and how should banks help them?
What skill sets and expertise make for the most seamless career transitions? Two industry experts, both with experience in banking and cybersecurity, share their perspectives.
It isn't just a staffing shortage that stops organizations from building cyberteams. It's a skills crisis, says SANS Institute founder Alan Paller, who tells why now is the ideal time to fill top roles with qualified professionals.
Security leaders have a firm grasp on their technology controls and processes as they continue into 2013. It's addressing the vulnerabilities in people that remains the outstanding challenge of the year.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
In the rush to allow personal devices to be used for work, we in application security neglected to examine thoroughly the new risks external applications may introduce to our organizations.
Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?
As social media continue to expand and evolve, organizations need to formalize a policy to address the risks. Expert Sherrie Madia details the must-haves that should be included in a policy.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
DDoS attacks against U.S. banking institutions have exposed website vulnerabilities organizations have failed to address, says Jason Malo of CEB TowerGroup. Here, Malo offers defense strategies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.